[cvsnt] Re: Stataus on SSH?

Tony Hoyle tmh at nodomain.org
Thu Mar 13 15:55:28 GMT 2003


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


On Thu, 13 Mar 2003 16:10:05 +0100, "Christer Grimsæth" <chrigri at msn.com>
wrote:

>Thanks for the reply.
>
>Could you give a little more info on :sserver ?
>If this is _not_ SSH, what do I need on the client then? Anything external
>on the server?
>What kind of encryption is it using? Is it considered safe?

It's SSLv2 (In theory it's capable of SSLv3 but I haven't got that working
yet).  By default it uses a 1024bit certificate, but you can generate a longer
(or shorter) on if you want.

It's 'safe' in that it's pretty hard to break.  Not impossible, but beyond
your average script kiddie by a long way (in theory if you sniffed the entire
session and used a big enough computer you could find the keys).  SSLv3
doesn't suffer from this problem and I'll be putting that in as soon as I work
out how it's done.

ssh is still the most secure for the really paranoid, of course.

>Is it possible to _force_ the usage of one particullar protocol on the
>server? Or only enable one?

Just delete the protocols you don't want (the protocol_xxx.dll files).  You
can also force encryption via the control panel.

Tony



More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook